892 matches found
Moderate: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 golang: net/http, x/net/http2: rapid stream resets can cause...
Grafana Security Vulnerabilities
Grafana is Grafana open source set of open source monitoring tools that provide a visual monitoring interface . The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus. Grafana has a security vulnerability. An attacker can exploit the vulnerability to elevate privileges...
Security Bulletin: Cross-Site Scripting Attacks (XSS) on Service Portal
Summary The Service Portal web application delivers data to its users along with other trusted dynamic content, without validating it. The regex-based input HTML replacement may turn sanitized code into un-sanitized code. Vulnerability Details Refer to the security bulletins listed in the...
Ubuntu: Security Advisory (USN-6243-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6243-2: Graphite-Web regression
USN-6243-1 fixed vulnerabilities in Graphite-Web. It was discovered that the applied fix was incomplete. This update fixes the problem. Original advisory details: It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a...
USN-6243-2 graphite-web regression
USN-6243-1 fixed vulnerabilities in Graphite-Web. It was discovered that the applied fix was incomplete. This update fixes the problem. Original advisory details: It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a...
Ubuntu 18.04 ESM : Graphite-Web regression (USN-6243-2)
The remote Ubuntu 18.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-6243-2 advisory. USN-6243-1 fixed vulnerabilities in Graphite-Web. It was discovered that the applied fix was incomplete. This update fixes the problem. Tenable has extracted the...
Ubuntu: Security Advisory (USN-6243-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6243-1 graphite-web vulnerabilities
It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform server-side request forgery and obtain sensitive information. This issue on...
USN-6243-1: Graphite-Web vulnerabilities
It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform server-side request forgery and obtain sensitive information. This issue on...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS : Graphite-Web vulnerabilities (USN-6243-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6243-1 advisory. It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked...
The vulnerability of the Graphite automated drawing system, related to writing beyond the buffer memory boundaries, allows a perpetrator to execute arbitrary code.
The vulnerability of the Graphite automated drawing system lies in the writing beyond the buffer memory boundaries during the analysis of the VC6 file. Exploiting this vulnerability allows an attacker to execute arbitrary code...
The vulnerability of the Graphite Ashlar-Vellum automated drawing system lies in the ability to write beyond the buffer memory limit, allowing a malicious actor to execute arbitrary code.
The vulnerability of the Graphite Ashlar-Vellum drawing system is related to the writing beyond the buffer boundaries of the memory during the analysis of the VC6 file. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Graphite automated drawing system, related to buffer overflow in the stack, allows a hacker to execute arbitrary code.
The vulnerability of the Graphite automated drawing system is related to buffer overflow in the stack during the analysis of the VC6 file. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
Malicious code in graphite_remote_adapter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dd2aa60f9c1fac3dfab372dff47188b2dc4b3f4d2b874b811d20db7a47faca1a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
(0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
(0Day) Ashlar-Vellum Graphite VC6 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
(0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
Paragon Solutions Spyware: Graphite
Paragon Solutions is yet another Israeli spyware company. Their product is called "Graphite," and is a lot like NSO Groups Pegasus. And Paragon is working with what seems to be US approval: American approval, even if indirect, has been at the heart of Paragons strategy. The company sought a list ...
CVE-2022-47439
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Rocket Apps Open Graphite plugin = 1.6.0 versions...